Does anyone know of any docs on giving machines with certain ips the ability to print remotely while blocking all others? I've never set such a thing up and I'm not sure I'm asking the right question..my boss is asking me about this. -----=====-----=====-----=====-----=====----- Ben Rosenberg mailto:ben@whack.org -----=====-----=====-----=====-----=====----- "I've never been quarantined. But the more I look around the more I think it might not be a bad thing." -JC
It's just setting up special firewall rules or use /etc/hosts.{allow,deny}.
-----Original Message----- From: Ben Rosenberg [mailto:ben@whack.org] Sent: Monday, February 25, 2002 8:53 AM To: suse-security@suse.com Subject: [suse-security] limited remote print server
Does anyone know of any docs on giving machines with certain ips the ability to print remotely while blocking all others? I've never set such a thing up and I'm not sure I'm asking the right question..my boss is asking me about this.
-----=====-----=====-----=====-----=====----- Ben Rosenberg mailto:ben@whack.org -----=====-----=====-----=====-----=====----- "I've never been quarantined. But the more I look around the more I think it might not be a bad thing." -JC
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
Thanks. I need to let a specific range in such as 216.112.38.X/24 .. this should be pretty simple. I just needed my head jarred to think of how to do it. Cheers! * Stefan Nauber (nauber@heidelberg.cs2-informatik.de) [020225 00:07]: ->It's just setting up special firewall rules or use /etc/hosts.{allow,deny}. -> ->> -----Original Message----- ->> From: Ben Rosenberg [mailto:ben@whack.org] ->> Sent: Monday, February 25, 2002 8:53 AM ->> To: suse-security@suse.com ->> Subject: [suse-security] limited remote print server ->> ->> ->> Does anyone know of any docs on giving machines with certain ips the ->> ability to print remotely while blocking all others? I've ->> never set such ->> a thing up and I'm not sure I'm asking the right question..my boss is ->> asking me about this. ->> ->> -----=====-----=====-----=====-----=====----- ->> Ben Rosenberg mailto:ben@whack.org ->> -----=====-----=====-----=====-----=====----- ->> "I've never been quarantined. But the more I look around the more I ->> think it might not be a bad thing." -JC ->> ->> -- ->> To unsubscribe, e-mail: suse-security-unsubscribe@suse.com ->> For additional commands, e-mail: suse-security-help@suse.com ->> Security-related bug reports go to security@suse.de, not here ->> ->> -----=====-----=====-----=====-----=====----- Ben Rosenberg mailto:ben@whack.org -----=====-----=====-----=====-----=====----- "I've never been quarantined. But the more I look around the more I think it might not be a bad thing." -JC
Does anyone know of any docs on giving machines with certain ips the ability to print remotely while blocking all others? I've never set such a thing up and I'm not sure I'm asking the right question..my boss is asking me about this.
check /etc/hosts.[allow|deny] to block|enable certain services for hosts to name. Yours Michael Appeldorn
Subject: Re: [suse-security] limited remote print server
Does anyone know of any docs on giving machines with certain ips the ability to print remotely while blocking all others? I've never set such a thing up and I'm not sure I'm asking the right question..my boss is asking me about this.
Hi Ben, good to see you!
check /etc/hosts.[allow|deny] to block|enable certain services for hosts to name.
None of the lpd packages on a SuSE are using these files (they are not
compiled with libwrap support). The next SuSE distribution will be. Patch
for lprold below.
Without this patch, you might have to use kernel packet filter rules.
Greetings,
Roman.
diff -ruN lpr-0.48.orig/lpd/Makefile lpr-0.48/lpd/Makefile
--- lpr-0.48.orig/lpd/Makefile Mon Jan 28 21:51:57 2002
+++ lpr-0.48/lpd/Makefile Mon Jan 28 21:52:22 2002
@@ -1,3 +1,4 @@
+LDLIBS = -lcommon -L ../common_source -lwrap
all: lpd
lpd: lpd.o lpdchar.o printjob.o recvjob.o
diff -ruN lpr-0.48.orig/lpd/lpd.c lpr-0.48/lpd/lpd.c
--- lpr-0.48.orig/lpd/lpd.c Thu Jan 6 21:42:48 2000
+++ lpr-0.48/lpd/lpd.c Mon Jan 28 21:52:51 2002
@@ -68,6 +68,9 @@
#include "lp.h"
#include "pathnames.h"
+#include
On Mon, 25 Feb 2002, Roman Drahtmueller wrote:
Subject: Re: [suse-security] limited remote print server
Does anyone know of any docs on giving machines with certain ips the ability to print remotely while blocking all others? I've never set such a thing up and I'm not sure I'm asking the right question..my boss is asking me about this. would not i have to enter the hosts in hosts.lpd or equal anyway ?
-- BINGO: definitive merger agreement --- Engelbert Gruber ----=~ SSG Fintl,Gruber,Lassnig A6410 Telfs Untermarkt 9 Tel. ++43-5262-64727 ----=~
On Sun, 24 Feb 2002, Ben Rosenberg wrote: Hi, If you use lprold package (original BSD lpd-style:) you have to list machines in /etc/hosts.lpd to allow them accessing your printers. If i got you rigth then this whitelisting aproach is what you need. l8, Sebastian
Does anyone know of any docs on giving machines with certain ips the ability to print remotely while blocking all others? I've never set such a thing up and I'm not sure I'm asking the right question..my boss is asking me about this.
-----=====-----=====-----=====-----=====----- Ben Rosenberg mailto:ben@whack.org -----=====-----=====-----=====-----=====----- "I've never been quarantined. But the more I look around the more I think it might not be a bad thing." -JC
-- ~ ~ perl self.pl ~ $_='print"\$_=\47$_\47;eval"';eval ~ krahmer@suse.de - SuSE Security Team ~
On Sunday 24 February 2002 10:53 pm, Ben Rosenberg wrote:
Does anyone know of any docs on giving machines with certain ips the ability to print remotely while blocking all others? I've never set such a thing up and I'm not sure I'm asking the right question..my boss is asking me about this.
Are You using cups? If not, why not? See your cupsd.conf -- _________________________________________________ No I Don't Yahoo! And I'm getting pretty sick of being asked if I do. _________________________________________________ John Andersen / Juneau Alaska
participants (7)
-
Ben Rosenberg
-
engelbert.gruber@ssg.co.at
-
John Andersen
-
Michael Appeldorn
-
Roman Drahtmueller
-
Sebastian Krahmer
-
Stefan Nauber